back to article Ivanti discloses fifth vulnerability, doesn't credit researchers who found it

In disclosing yet another vulnerability in its Connect Secure, Policy Secure, and ZTA gateways, Ivanti has confused the third-party researchers who discovered it. Researchers at watchTowr blogged today about not being credited with the discovery of CVE-2024-22024 – the latest in a series of vulnerabilities affecting Ivanti …

  1. Anonymous Coward
    Facepalm

    Connect Secure - Are we now part of Ibanti?

    CVE-2024-22024 --- Vulnerability Research:

    «As part of the ongoing investigation, we discovered a new vulnerability as part of our internal review and testing of our code, which we are reporting as CVE-2024-22024.»

    “We did find this comment a little curious, but perhaps we have a new set of colleagues?”

  2. Anonymous Coward
    Anonymous Coward

    Software is floppy

    I think that virtually all "security" software can be downloaded by hackers so that they can work a way though it ... back in the early days my company was hacked once so I fixed it and installed two firewalls, making all user Internet access need to pass through both hardware units, the first firewall only protected a website and mail server and the second firewall, connected to the first one, made it difficult for hackers to access all the computers.

    I never saw it as 100% effective but hackers are always working to make everything quick and easy so I suspect they would try, and then move on when everything was slow for them.

    1. TheWeetabix Bronze badge
      Facepalm

      Re: Software is floppy

      You’re using the word “hacker” wrong. Also, it has nothing to do with fast or slow, and everything to do with the challenge.

  3. Plest Silver badge

    Safe to say by now that Ivanti should be on your vendor blacklist.

  4. Anonymous Coward
    Anonymous Coward

    What a Sh1t show

    As a corporate customer the experience has been beyond abysmal we (and I'm sure others) will be looking to switch vendor ASAP. I can only feel for their support staff who will be bearing the brunt of the pain. Our account management team can get in the sea, least responsive wastes of DNA in 30 plus years of IT.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like